Search Bit Rot

#Credentials

As Red Teamers, we often encounter engagements with targets that may allow remote workers, but require
all connections to pass through a central VPN for access to the Corporate assets. These VPNs typically authenticate
with two factor authentication or other mechanisms. We will use OpenConnect and
ocproxy to automatically log in to a VPN once credentials are acquired from
a phishing page.